Massive SolarWinds Hack Impacting 18,000 Organizations

18,000 organizations have malicious code in their network, and 50 of them have suffered major breaches.

Teknologize CEO, Byron Martin, discusses the recent SolarWinds hack and the severity and implications to follow.

 

 

 

 

FireEye Breach Announced before SolarWinds Hack was Detected?

Byron Martin: Microsoft has confirmed and announced that they were also breached. It was released that a US nuclear weapons facility had been breached, and we are just barely hearing the beginning.

Hello, my name is Byron Martin, CEO of Teknologize, and I am here today to share some information that has really rocked the cybersecurity world. When I say rocked, I mean, all hell has broken loose. It is just nuts. The implications are extremely frightening and huge.

And we have barely seen the tip of the iceberg on what is going on here. Let me explain a little bit of what has transpired and how this impacts you and why you care, why you want to care, and why this matters.

Last week, a company called FireEye, a well-renowned cybersecurity organization, a private company, announced that they had been hacked, they had been breached. Now this is a big deal because they're one of the foremost experts in cybersecurity and they have tight cybersecurity based on who they are.

Part of their announcement was released that all their hacking tools had been stolen, so that was a big deal, but you know what? As I was reading it and based on the feeling I was getting from other professionals, FireEye, they were owning it and they readily admitted that. They said, "Hey, everybody's going to get hacked, and it's going to happen to even the best."

 

U.S. Agencies and Fortune 500 Companies Breached 

So, they were breached, now, what transpired soon after really started, ears started perking up even more, and people were like, "Oh my gosh! Hello? What’s going on?"

So, FireEye was breached, but just barely a day or two later, it was announced that the US Treasury Department and the US Department of Commerce National Telecommunications and Information Administration had both been breached.

Oh man, yeah, that's not good, that's crazy, but we hear about government agencies getting hacked all the time, so, okay…Yeah…

Well, it does not stop there. It does not stop there. I hear that the State Department, the Department of Homeland Security, parts of the Pentagon. Okay, now this is getting real. What's going on? These guys have been breached now also?

 

How did the SolarWinds Hack get Discovered?

How's this happening?

What's going on here?

Let me go through the full list now. So, I have given you a few more. Now the Department of Health's National Institute of Health, NIH. The Cybersecurity and Infrastructure Agency, the CISA. The Department of Homeland and Department of State. Those are already mentioned, but, okay, so now we have got a good handful of agencies that have been breached.

Well, FireEye through their forensics investigation on what happened to them, figured out what happened. There is a company called SolarWinds and you may not know about it or hear about it. But SolarWinds is the global leader in IT management, IT monitoring tools. Everybody's got it. I mean, if you're a Fortune 500 company, you've got it. If you're a large agency, government agency, state or federal, you've got SolarWinds. Their primary product called Orion, I mean, it is prolific, it's out there because it's one of the best tools, and it's how you visibly monitor your network and see what's going on.

 

Russian Hackers Embedded Malware into SolarWinds Orion Software

Experts are saying that maybe sometime in March 2020 or before that, somebody was saying as far back as October 2019, this hacker group, a Russian-sponsored nation-state hacker group, got into SolarWinds, breached their security, and embedded malware into their software. So, as they released their updates in March through June approximately, all those updates had this malware embedded in them.

So, from a trusted source, from a trusted leader in the industry is how all these organizations were breached.

Now the numbers say that approximately 18,000 organizations downloaded these updates that had malicious code in them. Wow, so right now this week, organizations of all sizes and US government agencies are just scrambling. Are they in the system? Are they in the networks? They don't know. I mean, the only reason they found out is because FireEye got hacked, and they started looking into how. What happened to them? How did they get hacked?

 


How did hackers sneak malware into a software update?

Hackers managed to access a system that SolarWinds uses to put together updates to its Orion product, the company explained in a filing with the SEC. From there, they inserted malicious code into otherwise legitimate software updates. This is known as a supply-chain attack, because it infects software while it's being assembled.


 

All right, so here's also another little, here's something else that the NSA, National Security Agency, the premier US intelligence organization that hacks into foreign networks and defends national security agencies from attacks apparently did not know of the breach in the network monitoring software made by SolarWinds until it was notified last week by FireEye. The NSA itself uses SolarWinds's software and nearly all of the Fortune 500 companies, including the New York Times, which is what I'm reading right now, including the New York Times, uses SolarWinds's products. So does the Los Alamos National Laboratory where nuclear weapons are designed, okay, and Boeing contractors. So they're just saying that they also use SolarWinds but there is no confirmation that they have been breached.

But I did read earlier today reports that Microsoft has confirmed and announced that they were also breached as well as, I don't know which one, but it was released that a US nuclear weapons facility had been breached.

And we're just barely hearing the beginning. I mean, this is a big deal. It's a big hype, a lot of news.

 

How does the SolarWinds Hack Impact Small Business?

How does this impact the small business, the community?

On the surface, it may not seem like it does. It's just, it's one of those things, chalk it up to 2020 and the chaos and disruption. But this stuff trickles down. It does not just stop there because now it shows how vulnerable, even more vulnerable we are. And does that mean, we just say, "Well, if those guys have all their stuff in place and they're the experts and they get hacked, what hope do I have?"

Well, that's a good point. And the experts say that you need to plan on being hacked.

How does this relate to you? How does it relate to me? We need to make sure not only we're doing the best we can to mitigate any attacks or breaches, but more importantly, we must cover our behinds.

 

Do we have plans in place when something happens?

Do we have PR plans in place?

How do we communicate with clients and/or customers or vendors?

How do we protect our business?

How do we protect the liability of our business or an interruption of operations?

 

This is front of mind for me, obviously, because I'm dealing with a lot of the residual effects and also really focused on making sure that our clients are protected or at least we're advising them the best we can.

Stay tuned, there will be more information as we share, as we find out more, we'll share more information.

Don't hesitate to reach out to me. I can be contacted via email or Facebook, LinkedIn, all of the above, and happy to answer any questions or chat or anything like that.

Again, my name is Byron Martin, CEO of Teknologize, teknologize.com.

Thank you again and we'll talk to you again soon.


 

Teknologize is a Managed Service Provider with clients throughout the Pacific Northwest with offices located in the Tri-Cities and Yakima, Washington 509.396.6640 and Bend, Oregon 541.848.6072.
